To ensure data security on devices for local storage, several pointed solutions are available that rely on proven encryption and decryption mechanisms. Standard security practices recommend that the keys used for encryption and decryption should not be stored along with the encrypted data. This is akin to locking a door with a strong lock and leaving the key under the doormat.
Also, a user may use multiple keys to encrypt different pieces of data. Managing these keys can become very difficult when the number of keys used to encrypt the different pieces of data significantly increases.
Furthermore, standard security practices require that the keys used for encryption and decryption should be changed periodically. In such a case, the data encrypted by previous keys should be recoverable and the integrity of data should still be maintainable. The keys required for decryption of data may get lost or corrupted. In which case there would be no way of recovering the encrypted data.
Organizations require that access to sensitive corporate data stored in encrypted format should be recoverable (decrypted) by authorized personnel other than the entity who may have encrypted the data. This requirement arises from the fact that an entity may leave the organization. In such a case the data encrypted by that entity should still be recoverable by authorized personnel such as an administration/organization or a government.
Conventional solutions for key escrow and distribution are largely targeted towards systems, such as desktops, servers, storage devices, and other such fixed machines, which are protected within the periphery of the corporate firewall. These systems generally have sufficient processing capabilities, power/energy resources and capabilities to comply with the corporate security policies. In addition, these systems are physically protected within the corporate periphery.
However, these conventional solutions are not adequate to address the security and integrity needs of mobile computing devices like laptops, personal digital assistants (PDAs), tablet computers and mobile media like flash cards. Mobile devices and media are exposed to security threats, which are not common to fixed systems. They do not lie within the periphery of the enterprise; hence it is difficult to mandate and audit them to adhere to corporate security and firewall policies.
In addition, portable computing devices and mobile media are vulnerable to theft, thereby increasing the likelihood of exposing sensitive files. Storing laptop data in a cryptographic file system does not fully address the problem. Such systems ask the user to imbue them with long-term authority for decryption, but that authority can be used by anyone who physically possesses the machine.
Further, these conventional solutions do not address the issue of recovering encrypted data stored in removable media like flash cards, floppies, thumb drives and the like, when user credentials are unavailable or the device used for encryption is lost. When there is a loss of a mobile device or user credentials, there is no mechanism to recover the data stored on removable media by conventional techniques and hence there is a loss of data.
Furthermore, mobile devices have limited computing and battery power and hence solutions that rely on public keys may prove to be computationally expensive. Not all mobile devices support industry standard key-lengths, such as 128 bit and above for symmetric encryption and 512 bit and above for asymmetric key encryption.
One conventional technique uses a Public Key Infrastructure (PKI) based solution, which mostly depends on X.509 Digital Certificates, Certification Authority, CA and PKI. These solutions typically rely on asymmetric keys for mutual authentication, which can require large processing capabilities and mandate the requirement of a PKI. Therefore, these solutions can result in not being very cost effective. Moreover, the certificates used in PKI are not customized with extensions to accommodate the requirements of mobile devices, like unique device identifier, device capability credentials and so on.
Another conventional technique relies on using trusted escrow agents that require manual intervention. Such solutions are generally not feasible in an enterprise with a large number of mobile device deployments. Further, these solutions tend to be slow and non-adaptive.
The above techniques rely heavily on role based access control to restrict/allow access to corporate data. Such techniques have control over who is viewing the data, but they do not have any control over where the data is being accessed. For example, based on use and domain credential an authorized user can access enterprise data from a desktop, laptop or PDA. While this addresses convenience of data being accessed any time, anywhere, there are serious security threats to be concerned about when dealing with mobile devices. The security capabilities of mobile devices are generally inferior when compared with the security capabilities of fixed devices. In addition, current corporate security policies and firewalls do not provide adequate control over mobile devices.